Bidirectional authentication

US 9,473,490 B2
Filed: 10/13/2014
Issued: 10/18/2016
Est. Priority Date: 10/13/2014
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, by a device comprising a processor, a communication request from a server associated with a financial institution entity;

collecting, by the device, biometric data from a user associated with the device;

generating a token, by the device, in response to receiving the communication, wherein the token comprises the biometric data and at least one of a personal identification number (PIN), an alphanumeric value, a code word, a pass phrase, and a security question;

transmitting, by the device, the generated token to the server associated with the financial institution entity;

receiving, by the device, evidence data from the server, wherein the evidence data is indicative that the token was received by the server; and

establishing, by the device, a communication channel with the server in response to receiving evidence data of the token.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and other embodiments associated with bidirectional authentication are described herein. According to one embodiment, a method includes a user receiving a communication from an entity. In response to receiving the communication from the entity, the method further includes generating a token. The token may be a one-time passcode, personal identification number (PIN), alphanumeric value, code word, pass phrase, or security question. The token is received by a device of the user. Additionally, the token is transmitted to the entity. The user may then receive evidence of the token from the entity.

32 Citations

View as Search Results

20 Claims

1. A method, comprising:
- receiving, by a device comprising a processor, a communication request from a server associated with a financial institution entity;
  
  collecting, by the device, biometric data from a user associated with the device;
  
  generating a token, by the device, in response to receiving the communication, wherein the token comprises the biometric data and at least one of a personal identification number (PIN), an alphanumeric value, a code word, a pass phrase, and a security question;
  
  transmitting, by the device, the generated token to the server associated with the financial institution entity;
  
  receiving, by the device, evidence data from the server, wherein the evidence data is indicative that the token was received by the server; and
  
  establishing, by the device, a communication channel with the server in response to receiving evidence data of the token.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the evidence data comprises the token, a portion of the token, or a response to the token.
  - 3. The method of claim 1, further comprising:
    - requesting, by the device, that the server respond with evidence of the token.
  - 4. The method of claim 1, further comprising:
    - sending, by the device, registration data to the server, wherein the registration data associates the device with the user.
  - 5. The method of claim 1, wherein the communication request is received on a communication channel that is a first digital channel, and wherein the token is transmitted on authentication channel that is a second digital channel.
  - 6. The method of claim 5, wherein the first digital channel is different from the second digital channel.
  - 7. The method of claim 1, wherein the token comprises a one-time passcode.

8. A system, comprising non-transitory computer-readable medium storing computer-executable instructions that when executed by a computer cause the computer to perform operations, the operations comprising:
- receiving, by a device comprising a processor, a communication request from a server associated with a financial institution;
  
  receiving a request to generate a token;
  
  collecting biometric data from a user associated with the device;
  
  generating a token that comprises the biometric data and a variable element;
  
  transmitting the generated token to the server associated with the financial institution; and
  
  establishing, by the device, a communication channel with the server in response to receiving an indication the token was received by the server.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The system of claim 8, the operations further comprising:
    - sending, by the device, registration data to the server, associating the user with the device.
  - 10. The system of claim 9, wherein the sending the registration data further comprises:
    - receiving at least one of user data and device data from the user via the device;
      
      storing the at least one of user data and device data.
  - 11. The system of claim 8, the operations further comprising:
    - sending a request to verify the token was received by the server; and
      
      receiving evidence of the token from the server.
  - 12. The system of claim 11, wherein the evidence comprises the token, a portion of the token, or a response to the token.
  - 13. The system of claim 8, wherein the token comprises personal identification number (PIN), alphanumeric value, code word, pass phrase, or a security question.

14. A device, the device comprising:
- a token logic configured to generate a token based on biometric data received from a sensor on the device in response to receiving a communication request from the entity, wherein the token comprises the biometric data, and at least one of a personal identification number (PIN), a alphanumeric value, a code word, a pass phrase, and a security question; and
  
  a communication logic configured to send the token to the a server associated with a financial institution entity, and establish a communications channel with the server in response to receiving an indication that the token was received by the server.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The device of claim 14, further comprising:
    - a registration interface configured to facilitate registering a device with the server.
  - 16. The device of claim 14, wherein the communication channel is on a first digital channel, and wherein the token is transmitted on an authentication channel that is a second digital channel.
  - 17. The device of claim 16, wherein the first digital channel is different from the second digital channel.
  - 18. The device of claim 14, wherein the indication the token was received comprises evidence data comprising at least one of the token, a portion of the token, or a response to the token.
  - 19. The device of claim 14, wherein the token further comprises location information received from a location sensor on the device.
  - 20. The device of claim 19, wherein the token logic includes the location information in response to the device being within a predetermined location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Original Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Inventors
Clausen, Christopher Phillip, Lepage, Lisa Michelle, Suen, Darrell Lee, Cornman, Jeffrey A.
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US14/512,911
Publication Number

US 20160105425A1
Time in Patent Office

736 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06Q 10/10   Office automation; Time man...

G06Q 50/265   Personal security, identity...

H04L 63/0838   using one-time-passwords

H04L 63/0861   using biometrical features,...

H04L 63/0869   for achieving mutual authen...

Bidirectional authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

32 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Bidirectional authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links